SlideShare a Scribd company logo

InfoSec Gamification

Download as PPTX, PDF
Jose L. Quiñones-Borrero
Jose L. Quiñones-Borrero

InfoSec Gamification By: Jose L. Quiñones @josequinones Learn how gamification works for infosec scenarios. This presentation was given on 9/18/2014 at the Init6 Meeting

Technology
1 of 15
INFOSEC GAMIFICATION Jose L. Quiñones, BS MCP, MCSA, MCT, CEH, CEI, GPEN, GCIH, RHCSA
HOW WE LEARN? RTFM? Discovery Doing Repetition Mastering
LEVELS OF LEARNING Knowledge: Exhibit memory of learned materials by recalling facts, terms, basic concepts and answers Comprehension: Demonstrate understanding of facts and ideas by organizing, comparing, translating, interpreting, giving descriptions, and stating the main ideas Application: Using acquired knowledge. Solve problems in new situations by applying acquired knowledge, facts, techniques and rules in a different way Analysis: Examine and break information into parts by identifying motives or causes. Make inferences and find evidence to support generalizations Evaluation: Present and defend opinions by making judgments about information, validity of ideas or quality of work based on a set of criteria Synthesis: Compile information together in a different way by combining elements in a new pattern or proposing alternative solutions
WHAT IS GAMIFICATION? Is the use of game thinking and game mechanics in non-game contexts to engage users in solving problems. A review of research on gamification shows that most studies on gamification find positive effects from gamification in education. Strives to leverage people's natural desires for socializing, learning, mastery, competition, achievement, status, self-expression, altruism, or closure.
ASPECTS OF GAMIFICATION Gamification strategies use rewards for players who accomplish desired tasks or competition to engage players. Types of rewards include points, achievement badges or levels, the filling of a progress bar, or providing the user with currency. Making the rewards for accomplishing tasks visible to other players or providing leader boards are ways of encouraging players to compete.
WE ALL LIKE WINNING …
HOW CAN WE USE IT? Measure:  Skills  Knowledge  Creativity Identify Talent  Who knew that guy/gal was that good? Teach/Learn/Train  Using realistic scenarios and specific areas of development
TYPES / TECHNIQUES Capture the Flag King of the hill / Free for all Red Team /Blue Team Puzzles Scavenger Hunts Specific Challenges
INFOSEC TOPICS Systems Administration Forensics Local Exploitation/Privilege Escalation / Abuse Network Penetration Web Applications Penetrating the perimeter (DMZ/Firewall) Pivoting Development/Coding/Programming Reverse Engineering
WHERE TO FIND THEM?
ACTUALLY …
WHERE TO FIND STUFF TO PRACTICE … OWASP Webgoat:  https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project Iron Geek – Mutillidea:  http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php- owasp-top-10  http://sourceforge.net/projects/mutillidae/ HD Moore Metasploitable 2:  http://sourceforge.net/projects/metasploitable/  https://community.rapid7.com/docs/DOC-1875 Repository of Challenges: – http://capture.thefl.ag or http://captf.com Exploit Development (Linux): http://exploit-exersices.com Cyberaces.org: https://tutorials.cyberaces.org/tutorials
SO NOW YOU KNOW … LET’S JUMP IN!
CODEFIDELIO.ORG … and go to the challenges section.
THANKS! Email: josequinones@codefidelio.org Twitter: @josequinones G+: https://plus.google.com/u/2/+JoseLQuinonesBorrero

Recommended

Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your Drone
Jose L. Quiñones-Borrero
 
Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
Gamification words
Gamification wordsGamification words
Gamification words
University of Wisconsin-Platteville
 
Math FACTS (Free Awesome, Cool Tools for Students)
Math FACTS (Free Awesome, Cool Tools for Students)Math FACTS (Free Awesome, Cool Tools for Students)
Math FACTS (Free Awesome, Cool Tools for Students)
sqoolmaster
 
Web marketing
Web marketingWeb marketing
Web marketing
Nicola Mattina
 
A Theory of Gamification Principles Through Goal-Setting Theory
A Theory of Gamification Principles Through Goal-Setting TheoryA Theory of Gamification Principles Through Goal-Setting Theory
A Theory of Gamification Principles Through Goal-Setting Theory
Gustavo Tondello
 
6 Killer Examples Of Gamification In eLearning - EI Design
6 Killer Examples Of Gamification In eLearning - EI Design 6 Killer Examples Of Gamification In eLearning - EI Design
6 Killer Examples Of Gamification In eLearning - EI Design
EI Design
 
LTMS 510 Multiplayer Classroom Syllabus
LTMS 510 Multiplayer Classroom SyllabusLTMS 510 Multiplayer Classroom Syllabus
LTMS 510 Multiplayer Classroom Syllabus
Andy Petroski
 

Recommended

Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your Drone
Jose L. Quiñones-Borrero
 
Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
Gamification words
Gamification wordsGamification words
Gamification words
University of Wisconsin-Platteville
 
Math FACTS (Free Awesome, Cool Tools for Students)
Math FACTS (Free Awesome, Cool Tools for Students)Math FACTS (Free Awesome, Cool Tools for Students)
Math FACTS (Free Awesome, Cool Tools for Students)
sqoolmaster
 
Web marketing
Web marketingWeb marketing
Web marketing
Nicola Mattina
 
A Theory of Gamification Principles Through Goal-Setting Theory
A Theory of Gamification Principles Through Goal-Setting TheoryA Theory of Gamification Principles Through Goal-Setting Theory
A Theory of Gamification Principles Through Goal-Setting Theory
Gustavo Tondello
 
6 Killer Examples Of Gamification In eLearning - EI Design
6 Killer Examples Of Gamification In eLearning - EI Design 6 Killer Examples Of Gamification In eLearning - EI Design
6 Killer Examples Of Gamification In eLearning - EI Design
EI Design
 
LTMS 510 Multiplayer Classroom Syllabus
LTMS 510 Multiplayer Classroom SyllabusLTMS 510 Multiplayer Classroom Syllabus
LTMS 510 Multiplayer Classroom Syllabus
Andy Petroski
 
Ctl4.4 p20 9 taking learning to the next level
Ctl4.4 p20 9 taking learning to the next levelCtl4.4 p20 9 taking learning to the next level
Ctl4.4 p20 9 taking learning to the next levelMatthew Farber
 
21CLHK9 - Building Heroes
21CLHK9 - Building Heroes21CLHK9 - Building Heroes
21CLHK9 - Building Heroes
Anthony Copeland
 
Agile Washington 2015 Creating a Learning Culture
Agile Washington 2015 Creating a Learning CultureAgile Washington 2015 Creating a Learning Culture
Agile Washington 2015 Creating a Learning Culture
Renee Troughton
 
Crash course in edugaming
Crash course in edugamingCrash course in edugaming
Crash course in edugaming
Pearson
 
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix BrezoJéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jose María Blanco Navarro
 
Gamification - A Brief Introduction to Gamification
Gamification - A Brief Introduction to GamificationGamification - A Brief Introduction to Gamification
Gamification - A Brief Introduction to Gamification
Chetan Sundarde
 
Open Badges Sandbox Introduction - Ryerson
Open Badges Sandbox Introduction - RyersonOpen Badges Sandbox Introduction - Ryerson
Open Badges Sandbox Introduction - Ryerson
Don Presant
 
Eim 504 leslie shockley power point
Eim 504 leslie shockley power pointEim 504 leslie shockley power point
Eim 504 leslie shockley power point
Leslie Shockley
 
Technology Integration class #1 2011
Technology Integration class #1 2011Technology Integration class #1 2011
Technology Integration class #1 2011
Dr. Maureen Lamb
 
Introduction to Gamification
Introduction to GamificationIntroduction to Gamification
Introduction to Gamification
Снежана Бежнар
 
A Guide for Employee Gamified Learning
A Guide for Employee Gamified LearningA Guide for Employee Gamified Learning
A Guide for Employee Gamified Learning
Karl Kapp
 
Tb09
Tb09Tb09
Tb09inKFUPM
 
AI and ML Skills for the Testing World Tutorial
AI and ML Skills for the Testing World TutorialAI and ML Skills for the Testing World Tutorial
AI and ML Skills for the Testing World Tutorial
Tariq King
 
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...Shawndra Bowers
 
modeling
modelingmodeling
modelingYuxin Ma
 
M-Assessment_D-NDave
M-Assessment_D-NDaveM-Assessment_D-NDave
M-Assessment_D-NDaveDavid Sugden
 
Intro to gamification by tydus.it
Intro to gamification by tydus.itIntro to gamification by tydus.it
Intro to gamification by tydus.it
Vincent Richard
 
Reactions to Gamified Training
Reactions to Gamified TrainingReactions to Gamified Training
Reactions to Gamified Training
Michael Armstrong
 
UKLUG 2012 Leverage user adoption with gamification
UKLUG 2012 Leverage user adoption with gamificationUKLUG 2012 Leverage user adoption with gamification
UKLUG 2012 Leverage user adoption with gamification
Sasja Beerendonk
 
Student-centred KM strategies
Student-centred KM strategiesStudent-centred KM strategies
Student-centred KM strategiesSIKM
 
Hacking blockchain
Hacking blockchainHacking blockchain
Hacking blockchain
Jose L. Quiñones-Borrero
 
Application Security: What do we need to know?
Application Security: What do we need to know?Application Security: What do we need to know?
Application Security: What do we need to know?
Jose L. Quiñones-Borrero
 

More Related Content

Similar to InfoSec Gamification

Ctl4.4 p20 9 taking learning to the next level
Ctl4.4 p20 9 taking learning to the next levelCtl4.4 p20 9 taking learning to the next level
Ctl4.4 p20 9 taking learning to the next levelMatthew Farber
 
21CLHK9 - Building Heroes
21CLHK9 - Building Heroes21CLHK9 - Building Heroes
21CLHK9 - Building Heroes
Anthony Copeland
 
Agile Washington 2015 Creating a Learning Culture
Agile Washington 2015 Creating a Learning CultureAgile Washington 2015 Creating a Learning Culture
Agile Washington 2015 Creating a Learning Culture
Renee Troughton
 
Crash course in edugaming
Crash course in edugamingCrash course in edugaming
Crash course in edugaming
Pearson
 
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix BrezoJéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jose María Blanco Navarro
 
Gamification - A Brief Introduction to Gamification
Gamification - A Brief Introduction to GamificationGamification - A Brief Introduction to Gamification
Gamification - A Brief Introduction to Gamification
Chetan Sundarde
 
Open Badges Sandbox Introduction - Ryerson
Open Badges Sandbox Introduction - RyersonOpen Badges Sandbox Introduction - Ryerson
Open Badges Sandbox Introduction - Ryerson
Don Presant
 
Eim 504 leslie shockley power point
Eim 504 leslie shockley power pointEim 504 leslie shockley power point
Eim 504 leslie shockley power point
Leslie Shockley
 
Technology Integration class #1 2011
Technology Integration class #1 2011Technology Integration class #1 2011
Technology Integration class #1 2011
Dr. Maureen Lamb
 
Introduction to Gamification
Introduction to GamificationIntroduction to Gamification
Introduction to Gamification
Снежана Бежнар
 
A Guide for Employee Gamified Learning
A Guide for Employee Gamified LearningA Guide for Employee Gamified Learning
A Guide for Employee Gamified Learning
Karl Kapp
 
AI and ML Skills for the Testing World Tutorial
AI and ML Skills for the Testing World TutorialAI and ML Skills for the Testing World Tutorial
AI and ML Skills for the Testing World Tutorial
Tariq King
 
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...Shawndra Bowers
 
M-Assessment_D-NDave
M-Assessment_D-NDaveM-Assessment_D-NDave
M-Assessment_D-NDaveDavid Sugden
 
Intro to gamification by tydus.it
Intro to gamification by tydus.itIntro to gamification by tydus.it
Intro to gamification by tydus.it
Vincent Richard
 
Reactions to Gamified Training
Reactions to Gamified TrainingReactions to Gamified Training
Reactions to Gamified Training
Michael Armstrong
 
UKLUG 2012 Leverage user adoption with gamification
UKLUG 2012 Leverage user adoption with gamificationUKLUG 2012 Leverage user adoption with gamification
UKLUG 2012 Leverage user adoption with gamification
Sasja Beerendonk
 
Student-centred KM strategies
Student-centred KM strategiesStudent-centred KM strategies
Student-centred KM strategiesSIKM
 

Similar to InfoSec Gamification (20)

Ctl4.4 p20 9 taking learning to the next level
Ctl4.4 p20 9 taking learning to the next levelCtl4.4 p20 9 taking learning to the next level
Ctl4.4 p20 9 taking learning to the next level
 
21CLHK9 - Building Heroes
21CLHK9 - Building Heroes21CLHK9 - Building Heroes
21CLHK9 - Building Heroes
 
Agile Washington 2015 Creating a Learning Culture
Agile Washington 2015 Creating a Learning CultureAgile Washington 2015 Creating a Learning Culture
Agile Washington 2015 Creating a Learning Culture
 
Crash course in edugaming
Crash course in edugamingCrash course in edugaming
Crash course in edugaming
 
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix BrezoJéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
Jéssica Cohen, José M. Blanco, Yaiza Rubio, Félix Brezo
 
Gamification - A Brief Introduction to Gamification
Gamification - A Brief Introduction to GamificationGamification - A Brief Introduction to Gamification
Gamification - A Brief Introduction to Gamification
 
Open Badges Sandbox Introduction - Ryerson
Open Badges Sandbox Introduction - RyersonOpen Badges Sandbox Introduction - Ryerson
Open Badges Sandbox Introduction - Ryerson
 
Eim 504 leslie shockley power point
Eim 504 leslie shockley power pointEim 504 leslie shockley power point
Eim 504 leslie shockley power point
 
Technology Integration class #1 2011
Technology Integration class #1 2011Technology Integration class #1 2011
Technology Integration class #1 2011
 
Introduction to Gamification
Introduction to GamificationIntroduction to Gamification
Introduction to Gamification
 
A Guide for Employee Gamified Learning
A Guide for Employee Gamified LearningA Guide for Employee Gamified Learning
A Guide for Employee Gamified Learning
 
Tb09
Tb09Tb09
Tb09
 
AI and ML Skills for the Testing World Tutorial
AI and ML Skills for the Testing World TutorialAI and ML Skills for the Testing World Tutorial
AI and ML Skills for the Testing World Tutorial
 
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...
Technology Integration for Meaning Classroom Use: Chapter 7 - Assessment and ...
 
modeling
modelingmodeling
modeling
 
M-Assessment_D-NDave
M-Assessment_D-NDaveM-Assessment_D-NDave
M-Assessment_D-NDave
 
Intro to gamification by tydus.it
Intro to gamification by tydus.itIntro to gamification by tydus.it
Intro to gamification by tydus.it
 
Reactions to Gamified Training
Reactions to Gamified TrainingReactions to Gamified Training
Reactions to Gamified Training
 
UKLUG 2012 Leverage user adoption with gamification
UKLUG 2012 Leverage user adoption with gamificationUKLUG 2012 Leverage user adoption with gamification
UKLUG 2012 Leverage user adoption with gamification
 
Student-centred KM strategies
Student-centred KM strategiesStudent-centred KM strategies
Student-centred KM strategies
 

More from Jose L. Quiñones-Borrero

Hacking blockchain
Hacking blockchainHacking blockchain
Hacking blockchain
Jose L. Quiñones-Borrero
 
Application Security: What do we need to know?
Application Security: What do we need to know?Application Security: What do we need to know?
Application Security: What do we need to know?
Jose L. Quiñones-Borrero
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
Jose L. Quiñones-Borrero
 
Weaponization of IoT
Weaponization of IoTWeaponization of IoT
Weaponization of IoT
Jose L. Quiñones-Borrero
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and Countermeasures
Jose L. Quiñones-Borrero
 
CyberCrime attacks on Small Businesses
CyberCrime attacks on Small BusinessesCyberCrime attacks on Small Businesses
CyberCrime attacks on Small Businesses
Jose L. Quiñones-Borrero
 
Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
Jose L. Quiñones-Borrero
 
Pivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG PresentationPivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG Presentation
Jose L. Quiñones-Borrero
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR Chapter
Jose L. Quiñones-Borrero
 
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Jose L. Quiñones-Borrero
 
Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013
Jose L. Quiñones-Borrero
 
InfoSec professional advice to university students
InfoSec professional advice to university students InfoSec professional advice to university students
InfoSec professional advice to university students
Jose L. Quiñones-Borrero
 
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meetingBYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
Jose L. Quiñones-Borrero
 

More from Jose L. Quiñones-Borrero (13)

Hacking blockchain
Hacking blockchainHacking blockchain
Hacking blockchain
 
Application Security: What do we need to know?
Application Security: What do we need to know?Application Security: What do we need to know?
Application Security: What do we need to know?
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
 
Weaponization of IoT
Weaponization of IoTWeaponization of IoT
Weaponization of IoT
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and Countermeasures
 
CyberCrime attacks on Small Businesses
CyberCrime attacks on Small BusinessesCyberCrime attacks on Small Businesses
CyberCrime attacks on Small Businesses
 
Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
 
Pivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG PresentationPivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG Presentation
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR Chapter
 
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
 
Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013
 
InfoSec professional advice to university students
InfoSec professional advice to university students InfoSec professional advice to university students
InfoSec professional advice to university students
 
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meetingBYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
 

Recently uploaded

Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 

Recently uploaded (20)

Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 

InfoSec Gamification

  • 1. INFOSEC GAMIFICATION Jose L. Quiñones, BS MCP, MCSA, MCT, CEH, CEI, GPEN, GCIH, RHCSA
  • 2. HOW WE LEARN? RTFM? Discovery Doing Repetition Mastering
  • 3. LEVELS OF LEARNING Knowledge: Exhibit memory of learned materials by recalling facts, terms, basic concepts and answers Comprehension: Demonstrate understanding of facts and ideas by organizing, comparing, translating, interpreting, giving descriptions, and stating the main ideas Application: Using acquired knowledge. Solve problems in new situations by applying acquired knowledge, facts, techniques and rules in a different way Analysis: Examine and break information into parts by identifying motives or causes. Make inferences and find evidence to support generalizations Evaluation: Present and defend opinions by making judgments about information, validity of ideas or quality of work based on a set of criteria Synthesis: Compile information together in a different way by combining elements in a new pattern or proposing alternative solutions
  • 4. WHAT IS GAMIFICATION? Is the use of game thinking and game mechanics in non-game contexts to engage users in solving problems. A review of research on gamification shows that most studies on gamification find positive effects from gamification in education. Strives to leverage people's natural desires for socializing, learning, mastery, competition, achievement, status, self-expression, altruism, or closure.
  • 5. ASPECTS OF GAMIFICATION Gamification strategies use rewards for players who accomplish desired tasks or competition to engage players. Types of rewards include points, achievement badges or levels, the filling of a progress bar, or providing the user with currency. Making the rewards for accomplishing tasks visible to other players or providing leader boards are ways of encouraging players to compete.
  • 6. WE ALL LIKE WINNING …
  • 7. HOW CAN WE USE IT? Measure:  Skills  Knowledge  Creativity Identify Talent  Who knew that guy/gal was that good? Teach/Learn/Train  Using realistic scenarios and specific areas of development
  • 8. TYPES / TECHNIQUES Capture the Flag King of the hill / Free for all Red Team /Blue Team Puzzles Scavenger Hunts Specific Challenges
  • 9. INFOSEC TOPICS Systems Administration Forensics Local Exploitation/Privilege Escalation / Abuse Network Penetration Web Applications Penetrating the perimeter (DMZ/Firewall) Pivoting Development/Coding/Programming Reverse Engineering
  • 10. WHERE TO FIND THEM?
  • 12. WHERE TO FIND STUFF TO PRACTICE … OWASP Webgoat:  https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project Iron Geek – Mutillidea:  http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php- owasp-top-10  http://sourceforge.net/projects/mutillidae/ HD Moore Metasploitable 2:  http://sourceforge.net/projects/metasploitable/  https://community.rapid7.com/docs/DOC-1875 Repository of Challenges: – http://capture.thefl.ag or http://captf.com Exploit Development (Linux): http://exploit-exersices.com Cyberaces.org: https://tutorials.cyberaces.org/tutorials
  • 13. SO NOW YOU KNOW … LET’S JUMP IN!
  • 14. CODEFIDELIO.ORG … and go to the challenges section.
  • 15. THANKS! Email: josequinones@codefidelio.org Twitter: @josequinones G+: https://plus.google.com/u/2/+JoseLQuinonesBorrero

Editor's Notes

  1. https://www.youtube.com/user/webpwnized http://sourceforge.net/projects/mutillidae/ https://community.rapid7.com/docs/DOC-1875 http://www.pentesteracademy.com/course?id=8 http://www.pentesteracademy.com/course?id=12